package com.bzy.blp.shiro;

import java.io.IOException;
import java.util.Date;
import java.util.Enumeration;
import java.util.Set;
import javax.annotation.Resource;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

import com.bzy.common.util.LoggerUtil;
import com.bzy.common.util.StringUtil;
import com.bzy.shiro.util.SessionUtil;
import org.apache.shiro.web.filter.AccessControlFilter;
import org.apache.shiro.web.filter.authc.FormAuthenticationFilter;
import org.apache.shiro.web.util.SavedRequest;
import org.apache.shiro.web.util.WebUtils;

public class ServerFormAuthenticationFilter extends FormAuthenticationFilter {

	private String appKey;

//	@Resource
//	private UserService userService;

	public void setAppKey(String appKey) {
		this.appKey = appKey;
	}

	@Override
	protected boolean onAccessDenied(ServletRequest request, ServletResponse response, Object mappedValue)
			throws Exception {
		if (request.getAttribute(getFailureKeyAttribute()) != null) {
			return true;
		}
		return super.onAccessDenied(request, response, mappedValue);
	}

	@Override
	protected void issueSuccessRedirect(ServletRequest request, ServletResponse response) throws Exception {
		String oauth_callback = request.getParameter("oauth_callback");
		if (StringUtil.isBlank(oauth_callback)) {
			oauth_callback = request.getParameter("redirect_uri");
		}
//		userService.loginHandler();
		redirectToSavedRequest(request, response, oauth_callback, getSuccessUrl());
	}

	private static void redirectToSavedRequest(ServletRequest request, ServletResponse response, String fallbackUrl,
			String defaultUrl) throws IOException {
		String successUrl = null;
		boolean contextRelative = true;

		if (StringUtil.isBlank(fallbackUrl)) {
			SavedRequest savedRequest = WebUtils.getAndClearSavedRequest(request);
			if (savedRequest != null && savedRequest.getMethod().equalsIgnoreCase(AccessControlFilter.GET_METHOD)) {
				successUrl = savedRequest.getRequestUrl();
				contextRelative = false;
			}
		} else {
			successUrl = fallbackUrl;
		}

		LoggerUtil.shiroLog("ServerFormAuthenticationFilter.java--redirectToSavedRequest--successUrl=" + successUrl
				+ ", fallbackUrl=" + fallbackUrl);

		if (successUrl == null) {
			successUrl = defaultUrl;
		}

		int index = successUrl.indexOf("?");
		if (index > 0) {
			successUrl = successUrl.substring(0, index);
		}

		String sign = (successUrl.contains("?") ? "&" : "?");
		successUrl += sign + "_=" + (new Date()).getTime();

		String requestHeaderText = "";
		HttpServletRequest httpRequest = (HttpServletRequest) request;
		Enumeration headerEnumeration = httpRequest.getHeaderNames();
		while (headerEnumeration.hasMoreElements()) {
			String headerName = (String) headerEnumeration.nextElement();
			requestHeaderText += headerName + "=" + httpRequest.getHeader(headerName) + "\t";
		}
		LoggerUtil.shiroLog(
				"ServerFormAuthenticationFilter.java--issueSuccessRedirect--requestHeaderText=" + requestHeaderText);
		String responseHeaderText = "";
		HttpServletResponse httpResponse = (HttpServletResponse) response;
		Enumeration headerEnumeration2 = httpRequest.getHeaderNames();
		while (headerEnumeration2.hasMoreElements()) {
			String headerName = (String) headerEnumeration2.nextElement();
			responseHeaderText += headerName + "=" + httpRequest.getHeader(headerName) + "\t";
		}
		LoggerUtil.shiroLog(
				"ServerFormAuthenticationFilter.java--issueSuccessRedirect--responseHeaderText=" + responseHeaderText);
		LoggerUtil.shiroLog(
				"ServerFormAuthenticationFilter.java--issueSuccessRedirect--sessionId=" + SessionUtil.getSessionId());
		WebUtils.issueRedirect(request, response, successUrl, null, contextRelative);
	}

}
